Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
1
version: 2.1
Add the orbs
stanza below your version, invoking the orb:
1
2
orbs:
redhat-openshift: circleci/redhat-openshift@0.2.1
Use redhat-openshift
elements in your existing workflows and jobs.
Create an local OpenShift cluster.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
version: '2.1'
orbs:
redhat-openshift: circleci/redhat-openshift@0.1.0
jobs:
create-local-cluster:
executor: redhat-openshift/machine-for-local-cluster
steps:
- redhat-openshift/create-local-cluster-with-oc:
skip-registry-check: true
- redhat-openshift/login-and-update-kubeconfig:
insecure-skip-tls-verify: true
openshift-platform-version: 3.x
password: password
server-address: https://127.0.0.1:8443
username: dev1
- run:
command: >
oc new-project localclustertestproject
oc new-app
centos/ruby-25-centos7~https://github.com/sclorg/ruby-ex.git
kubectl get services
name: Test the cluster
workflows:
deployment:
jobs:
- create-local-cluster
Deploy an application to an existing OpenShift cluster with kubectl.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
version: '2.1'
orbs:
kubernetes: circleci/kubernetes@0.3.0
redhat-openshift: circleci/redhat-openshift@0.1.0
jobs:
deploy-to-cluster:
executor: redhat-openshift/default
steps:
- redhat-openshift/login-and-update-kubeconfig:
insecure-skip-tls-verify: true
openshift-platform-version: 4.x
password: $OPENSHIFT_PASSWORD
server-address: $OPENSHIFT_SERVER
username: $OPENSHIFT_USER
- run:
command: |
cat \<<- EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80
EOF
name: Create example k8s deployment yaml file
- kubernetes/create-or-update-resource:
get-rollout-status: true
resource-file-path: deployment.yaml
resource-name: deployment/nginx-deployment
workflows:
deployment:
jobs:
- deploy-to-cluster
Creates a local Kubernetes cluster with the oc client CLI. Requires the setup_remote_engine step if this command is run on a Docker executor. Note: This relies on the "oc cluster up" command being available in the version of oc client CLI installed. It is not currently available in version 4 of the OpenShift client CLI.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
cli-release-tag | OpenShift client CLI version.
Defaults to the latest stable version.
| No | '' | string |
host-config-dir | Directory on Docker host for OpenShift configuration.
| No | '' | string |
host-data-dir | Directory on Docker host for OpenShift data.
Specify this to persist data across restarts of the cluster.
| No | '' | string |
skip-registry-check | Whether to skip the Docker daemon registry check.
| No | false | boolean |
use-existing-config | Whether to use existing configuration if present.
| No | false | boolean |
Install the OpenShift client CLI and also the kubectl that is included in the CLI package. Requirements: curl, amd64 architecture
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
release-tag | OpenShift client CLI version.
Use this to specify a tag to select which published release of the CLI,
as listed on https://github.com/openshift/origin/releases,
to install. If no value is specified, the latest stable release will be installed.
Note: The specified release should be compatible with the version of the
OpenShift cluster that the CLI is intended for. Also, pre or alpha releases cannot be specified.
| No | '' | string |
Performs a login to the OpenShift server, either via username and password, certificate authority file, or a token. Upon a successful login, the kubectl configuration file (kubeconfig) will be updated with the OpenShift cluster access credentials.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
certificate-authority | Used for login via certificate authority.
Specfiies the path to the certificate authority file for logging into the OpenShift server.
(Do not set the "username", "password" and "token" parameters if login via certificate
authority is desired)
| No | '' | string |
insecure-skip-tls-verify | If true, the server's certificate will not be checked for validity. This will
make your HTTPS connections insecure.
| No | false | boolean |
openshift-cli-release-tag | The version of the OpenShift CLI to be installed, if it is
not already installed. Defaults to the latest stable version.
| No | '' | string |
openshift-platform-version | The version of the OpenShift platform that the cluster is on.
| Yes | - | enum |
password | Used for login via username and password.
Specifies the password for logging into the OpenShift server.
(Do not set the "certificate-authority" and "token" parameters if login via username
and password credentials is desired)
| No | '' | string |
project | Specifies a project to switch to after the login.
If none is specified, the default project will be used.
| No | '' | string |
server-address | The address of the OpenShift server (in the form hostname:port).
| Yes | - | string |
token | Used for login via token.
Specifies the bearer token for authentication to the API server
| No | '' | string |
username | Used for login via username and password.
Specifies the username for logging into the OpenShift server.
(Do not set the "certificate-authority" and "token" parameters if login via username
and password credentials is desired)
| No | '' | string |
Debian-based circleci/python Docker image to use
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
debian-release | - | No | stretch | string |
python-version | - | No | '3.7' | string |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
version: 2.1
description: "This orb is no longer supported by CircleCI because of limited or no use. \nIf you would like to use this orb or create your own version feel free to \nfork the repository and use the following https://circleci.com/blog/building-private-orbs/ \nas a guide to making this orb into a private orb for your own use. \nAn orb for working with Red Hat OpenShift.\nProject homepage: https://github.com/CircleCI-Public/redhat-openshift-orb\n"
commands:
create-local-cluster-with-oc:
description: |
Creates a local Kubernetes cluster with the oc client CLI.
Requires the setup_remote_engine step if this command is run
on a Docker executor.
Note: This relies on the "oc cluster up" command being available
in the version of oc client CLI installed. It is not currently
available in version 4 of the OpenShift client CLI.
parameters:
cli-release-tag:
default: ""
description: |
OpenShift client CLI version.
Defaults to the latest stable version.
type: string
host-config-dir:
default: ""
description: |
Directory on Docker host for OpenShift configuration.
type: string
host-data-dir:
default: ""
description: |
Directory on Docker host for OpenShift data.
Specify this to persist data across restarts of the cluster.
type: string
skip-registry-check:
default: false
description: |
Whether to skip the Docker daemon registry check.
type: boolean
use-existing-config:
default: false
description: |
Whether to use existing configuration if present.
type: boolean
steps:
- install-openshift-cli:
release-tag: << parameters.cli-release-tag >>
- run:
command: |
HOST_DATA_DIR="<< parameters.host-data-dir >>"
HOST_CONFIG_DIR="<< parameters.host-config-dir >>"
SKIP_REGISTRY_CHECK="<< parameters.skip-registry-check >>"
USE_EXISTING_CONFIG="<< parameters.use-existing-config >>"
echo '{"insecure-registries": ["172.30.0.0/16"]}' | sudo tee /etc/docker/daemon.json # see https://github.com/openshift/origin/blob/release-3.11/docs/cluster_up_down.md
sudo /etc/init.d/docker restart
if [ -n "${HOST_DATA_DIR}" ]; then
set -- "$@" --host-data-dir="${HOST_DATA_DIR}"
fi
if [ -n "${HOST_CONFIG_DIR}" ]; then
set -- "$@" --host-config-dir="${HOST_CONFIG_DIR}"
fi
if [ "${SKIP_REGISTRY_CHECK}" == "true" ]; then
set -- "$@" --skip-registry-check=true
fi
if [ "${USE_EXISTING_CONFIG}" == "true" ]; then
set -- "$@" --use-existing-config=true
fi
oc cluster up "$@"
name: Create local cluster with the oc CLI (requires machine executor)
install-openshift-cli:
description: |
Install the OpenShift client CLI and also the kubectl
that is included in the CLI package.
Requirements: curl, amd64 architecture
parameters:
release-tag:
default: ""
description: |
OpenShift client CLI version.
Use this to specify a tag to select which published release of the CLI,
as listed on https://github.com/openshift/origin/releases,
to install. If no value is specified, the latest stable release will be installed.
Note: The specified release should be compatible with the version of the
OpenShift cluster that the CLI is intended for. Also, pre or alpha releases cannot be specified.
type: string
steps:
- run:
command: |
if which oc > /dev/null; then
echo "The OpenShift client CLI is already installed"
exit 0
fi
RELEASE_TAG="<< parameters.release-tag >>"
PLATFORM="linux"
if [ -n "$(uname | grep "Darwin")" ]; then
PLATFORM="mac"
fi
RELEASE_URL="https://api.github.com/repos/openshift/origin/releases/latest"
if [ -n "${RELEASE_TAG}" ]; then
RELEASE_URL="https://api.github.com/repos/openshift/origin/releases/tags/${RELEASE_TAG}"
fi
DOWNLOAD_URL=$(curl -s --retry 5 "${RELEASE_URL}" \
| grep "openshift-origin-client-tools" \
| grep "${PLATFORM}" \
| awk '/browser_download_url/ {print $2}' \
| sed 's/"//g')
curl -L -o openshift-client.zip "$DOWNLOAD_URL"
tar xvf openshift-client.zip --strip-components=1
chmod +x ./oc
chmod +x ./kubectl
SUDO=""
if [ $(id -u) -ne 0 ] && which sudo > /dev/null ; then
SUDO="sudo"
fi
$SUDO mv ./oc /usr/local/bin/
$SUDO mv ./kubectl /usr/local/bin/
name: Install the OpenShift client CLI
login-and-update-kubeconfig:
description: |
Performs a login to the OpenShift server, either via username and password,
certificate authority file, or a token.
Upon a successful login, the kubectl configuration file (kubeconfig) will
be updated with the OpenShift cluster access credentials.
parameters:
certificate-authority:
default: ""
description: |
Used for login via certificate authority.
Specfiies the path to the certificate authority file for logging into the OpenShift server.
(Do not set the "username", "password" and "token" parameters if login via certificate
authority is desired)
type: string
insecure-skip-tls-verify:
default: false
description: |
If true, the server's certificate will not be checked for validity. This will
make your HTTPS connections insecure.
type: boolean
openshift-cli-release-tag:
default: ""
description: |
The version of the OpenShift CLI to be installed, if it is
not already installed. Defaults to the latest stable version.
type: string
openshift-platform-version:
description: |
The version of the OpenShift platform that the cluster is on.
enum:
- 3.x
- 4.x
type: enum
password:
default: ""
description: |
Used for login via username and password.
Specifies the password for logging into the OpenShift server.
(Do not set the "certificate-authority" and "token" parameters if login via username
and password credentials is desired)
type: string
project:
default: ""
description: |
Specifies a project to switch to after the login.
If none is specified, the default project will be used.
type: string
server-address:
description: |
The address of the OpenShift server (in the form hostname:port).
type: string
token:
default: ""
description: |
Used for login via token.
Specifies the bearer token for authentication to the API server
type: string
username:
default: ""
description: |
Used for login via username and password.
Specifies the username for logging into the OpenShift server.
(Do not set the "certificate-authority" and "token" parameters if login via username
and password credentials is desired)
type: string
steps:
- install-openshift-cli:
release-tag: << parameters.openshift-cli-release-tag >>
- run:
command: |
SERVER_ADDRESS="<< parameters.server-address >>"
USERNAME="<< parameters.username >>"
PASSWORD="<< parameters.password >>"
CERTIFICATE_AUTHORITY="<< parameters.certificate-authority >>"
TOKEN="<< parameters.token >>"
INSECURE_SKIP_TLS_VERIFY="<< parameters.insecure-skip-tls-verify >>"
if [ -n "${SERVER_ADDRESS}" ]; then
set -- "$@" "${SERVER_ADDRESS}"
fi
if [ -n "${USERNAME}" ]; then
set -- "$@" --username="${USERNAME}"
fi
if [ -n "${PASSWORD}" ]; then
set -- "$@" --password="${PASSWORD}"
fi
if [ -n "${CERTIFICATE_AUTHORITY}" ]; then
set -- "$@" --certificate-authority="${CERTIFICATE_AUTHORITY}"
fi
if [ -n "${TOKEN}" ]; then
set -- "$@" --token="${TOKEN}"
fi
if [ "${INSECURE_SKIP_TLS_VERIFY}" == "true" ]; then
set -- "$@" --insecure-skip-tls-verify=true
fi
oc login "$@"
name: Perform login (and kubeconfig update)
- run:
command: |
PROJECT="<< parameters.project >>"
if [ -n "${PROJECT}" ]; then
oc project ${PROJECT}
else
echo "No project specified; default project will be used."
fi
name: Switch to project
executors:
default:
description: |
Debian-based circleci/python Docker image to use
docker:
- image: circleci/python:<<parameters.python-version>>-<<parameters.debian-release>>
parameters:
debian-release:
default: stretch
type: string
python-version:
default: "3.7"
type: string
machine-for-local-cluster:
description: |
Machine executor suitable for running local clusters.
machine:
image: ubuntu-1604:201903-01
python2:
description: |
CircleCI convenience image for Python 2.
docker:
- image: circleci/python:2
python3:
description: |
CircleCI convenience image for Python 3.
docker:
- image: circleci/python:3
examples:
create-local-cluster:
description: |
Create an local OpenShift cluster.
usage:
version: "2.1"
orbs:
redhat-openshift: circleci/redhat-openshift@0.1.0
jobs:
create-local-cluster:
executor: redhat-openshift/machine-for-local-cluster
steps:
- redhat-openshift/create-local-cluster-with-oc:
skip-registry-check: true
- redhat-openshift/login-and-update-kubeconfig:
insecure-skip-tls-verify: true
openshift-platform-version: 3.x
password: password
server-address: https://127.0.0.1:8443
username: dev1
- run:
command: |
oc new-project localclustertestproject
oc new-app centos/ruby-25-centos7~https://github.com/sclorg/ruby-ex.git
kubectl get services
name: Test the cluster
workflows:
deployment:
jobs:
- create-local-cluster
deployment:
description: |
Deploy an application to an existing OpenShift cluster with kubectl.
usage:
version: "2.1"
orbs:
kubernetes: circleci/kubernetes@0.3.0
redhat-openshift: circleci/redhat-openshift@0.1.0
jobs:
deploy-to-cluster:
executor: redhat-openshift/default
steps:
- redhat-openshift/login-and-update-kubeconfig:
insecure-skip-tls-verify: true
openshift-platform-version: 4.x
password: $OPENSHIFT_PASSWORD
server-address: $OPENSHIFT_SERVER
username: $OPENSHIFT_USER
- run:
command: |
cat \<<- EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80
EOF
name: Create example k8s deployment yaml file
- kubernetes/create-or-update-resource:
get-rollout-status: true
resource-file-path: deployment.yaml
resource-name: deployment/nginx-deployment
workflows:
deployment:
jobs:
- deploy-to-cluster